<?php
    include "includes/DB.class.php";
/**
 * backend actions.
 *
 * @package    paintball
 * @subpackage backend
 * @author     Your name here
 * @version    SVN: $Id: actions.class.php 23810 2009-11-12 11:07:44Z Kris.Wallsmith $
 */

class backendActions extends sfActions{
    /**
     * Executes index action
     *
     * @param sfRequest $request A request object
     */
    var $username = "root";
    var $password = "admin";
    
    public function executeMain(sfWebRequest $request){
        $auth = $this->getUser()->getAttribute("logged");
        if(!$auth){
            $this->redirect('principal/main');
        }
    }
  
    public function executeMantNews(sfWebRequest $request){
        $auth = $this->getUser()->getAttribute("logged");
        
        if(!$auth){
            $this->redirect('principal/main');
        }
        
        $this->noticias;

        try { 
            $this->conn = new PDO('mysql:host=localhost;dbname=paintball', $this->username, $this->password);
            $this->conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING ); 

            $data = $this->conn->query('SELECT * FROM noticias');
            $this->noticias = $data->fetchAll();

        } catch(PDOException $e) {
                $this->error = $e->getMessage();
        }

    }
  
    public function executeInsertNews(sfWebRequest $request){
        $auth = $this->getUser()->getAttribute("logged");
        if(!$auth){
            $this->redirect('principal/main');
        }
        $date = $request->getParameter("date"); 
        $title = $request->getParameter("title");
        $content = $request->getParameter("content"); 

        try { 
            $this->conn = new PDO('mysql:host=localhost;dbname=paintball', $this->username, $this->password);
            $this->conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING ); 
            $sql = 'insert into noticias(nombre, descripcion, fecha) values(' . $this->conn->quote( $title ) . ',' . $this->conn->quote( $content ) . ',' . $this->conn->quote( $date ) .');' ;

            $result = $this->conn->query($sql);

        } catch(PDOException $e) {
                $this->error = $e->getMessage();
        }

    }
  
    public function executeDeleteNews(sfWebRequest $request){
      $auth = $this->getUser()->getAttribute("logged");
      if(!$auth){
          $this->redirect('principal/main');
      }
      $id = $request->getParameter("id"); 
      
        try { 
            $this->conn = new PDO('mysql:host=localhost;dbname=paintball', $this->username, $this->password);
            $this->conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING ); 
            $sql = 'delete from noticias where codigo = ' . $this->conn->quote( $id ) ;
            
            $result = $this->conn->query($sql);

        } catch(PDOException $e) {
                $this->error = $e->getMessage();
        }
    }
  
    public function executeReserv(sfWebRequest $request){
        $auth = $this->getUser()->getAttribute("logged");

        if(!$auth){
            $this->redirect('principal/main');
        }
          $this->reservasPendiente;
          $this->reservasConfirmada;

          try { 
              $this->conn = new PDO('mysql:host=localhost;dbname=paintball',$this->username, $this->password);
              $this->conn->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING ); 

              $data = $this->conn->query('SELECT `Codigo`, `Nombre`, `Correo`, `Fecha`, `Hora` FROM `reservas` WHERE `Estado` = "Pendiente"');
              $this->reservasPendiente = $data->fetchAll();

              $data = $this->conn->query('SELECT `Codigo`, `Nombre`, `Correo`, `Fecha`, `Hora` FROM `reservas` WHERE `Estado` = "Confirmada"');
              $this->reservasConfirmada = $data->fetchAll();
              
          } catch(PDOException $e) {
                  $this->error = $e->getMessage();
          }
    }

     public function executeUpdateReserv(sfWebRequest $request){
         try { 
             $id = $request->getParameter("id"); 
             $value = $request->getParameter("status"); 
             
             $sql = "UPDATE reservas SET Estado= '$value' WHERE Codigo = $id";
             
            $db = DB::Instance();
            $data = $db->query($sql);

        } catch(PDOException $e) {
            $this->error = $e->getMessage();
        }
    }
    
     public function executeCancelarReserv(sfWebRequest $request){
         try { 
             $id = $request->getParameter("idReserv"); 
             
             $sql = "UPDATE reservas SET Estado= 'Anular' WHERE Codigo = $id";
             
            $db = DB::Instance();
            $data = $db->query($sql);

        } catch(PDOException $e) {
            $this->error = $e->getMessage();
        }
    }
    
    
    public function executeLogout(sfWebRequest $request){
        $this->getUser()->setAttribute("logged", false);
        $this->redirect('principal/main');
    }

     
    
     public function executeContact(sfWebRequest $request){
        
    }
    
}
